Method and device for data protection

ABSTRACT

The method for protecting data includes: assigning, in the IT system of an author user, digital conditioning attributes to the data, corresponding to at least one predetermined event that is liable to affect the data in future use; attributing, in the IT system, information that secures data integrity; setting up, in the IT system, an envelope file carrying the data, the digital conditioning attributes assigned to the data and the information that secures data integrity; storing, in a remote IT system, the digital conditioning attributes assigned to the data and the information that secures data integrity; for each predetermined event related to the data, storing in the remote IT system an identifier of the event and its date; and, at each connection, storing the predetermined events corresponding to the data attributes in the IT system of the author, so that the IT system keeps track, for each event regarding the data, of the identifier of the event, the identifier of the user at the origin of the event and its date.

The present invention concerns a method and a device for data protection. It applies in particular to secured digital data processing. More precisely, the present invention is designed to ensure that the author user keeps control over the circulation of an electronic piece of work.

The traditional digital signature techniques using public keys are meant to guarantee the identity of the author of a piece of work and sometimes add time stamp functions.

The future user of a signed piece of work is assured of the integrity, the author's identity and the creation date of the work by successively using the author's public key and the date/hour stamping device's public key, and by checking the list of revoked certificates from a certification authority.

These traditional techniques have several drawbacks, amongst which: i) they don't protect the authors from the risk of theft of their private key; ii) they don't take into account all the notarization aspects, and especially those concerning the destination of digital works, i.e. acknowledgement of receipt features; and iii) they offer the authors no possibility to control the broadcasting of their work.

To remedy these drawbacks, the traditional solution is usually to create secure channels or trust zones where subscribers of the service can exchange information, which may be backed up in a specific table. This traditional solution is implemented through costly specific development and seldom offsets all of the drawbacks of the digital signature; furthermore it has some serious shortcomings: i) what happens to the information once it is out of the secure area and is directed towards an unlisted user or towards a non-compatible secure zone? ii) how are malicious intrusions of secured channels handled? and iii) it obliges the organization wishing to implement a digital signature solution to entrust the management of its sensitive data to a certification authority.

The present invention aims at overcoming these drawbacks. To that effect, under a first aspect, the present invention relates to a data protection process, characterized in that it includes:

-   a step of allocating, in the IT system of an author, attributes of “digital conditioning” to the data, attributes corresponding to at least one predetermined event liable to affect the data during its future use,
-   a step of attributing, in the IT system of the author, a piece of information that guarantees the integrity of said data,
-   a step of creating an <<envelope>> file, in the IT system of the author, envelope which contains the data, the digital conditioning attributes pertaining to the data, and the information that guarantees the data integrity,
-   a step of storing, in a remote IT system, the digital conditioning attributes of the data and the information that guarantees the data integrity,
-   for each predetermined event related to the data, a step of storing, in the remote IT system, in relation with the attributes of said data, an identifier and the date of the event, and
-   at each connection between the author's IT system and the remote system, a step of storing the predetermined events corresponding to the attributes of the data in the IT system of the author, so that the IT system of the author keeps track of the identifier of each event concerning the data, the identifier of the user at the origin of the event and the event date.

Thanks to these features, and to the data attributes, the user is informed of all events affecting the data prior to his last connection to the remote system.

According to particular features, during the attribution of digital conditioning attributes, the attributes of the data include an identifier of the author of the data. Thanks to these features, each future user accessing the data will know the identity of its author.

According to particular features, during the attribution of digital conditioning attributes, the attributes of the data include an identifier of each new user, signatory or recipient of the data. Thanks to these features, each future user accessing the data will know the identity of each future signatory or recipient.

According to particular features, any event affecting the data by a future user is restricted to a connection between the IT system of the future user and the remote IT system.

Thanks to these features, the remote IT system and hence the author of the data are informed of all the events affecting the data.

According to particular features, during the step of storing the event identifier in the remote IT system, the remote IT system also stores the identifier of the user at the origin of the event.

Thanks to these features, the author is informed of the identity of any future user originating an event on the data.

According to particular features, the device briefly described here above includes a step that determines the usage conditions of the data by the IT system of the author, and at each access query to the data, the usage conditions of the data are checked.

Thanks to these features, the user himself/herself defines the conditions determining future data usage by users.

According to particular features, the usage conditions include identification conditions of the future user. According to particular features, the identification conditions of the user include at least a digital certificate of the IT system of the future user. According to particular features, the identification conditions of the user include at least a digital signature of the IT system of the future user.

Thanks to each of these features, the future user is authenticated and the author can be assured of the identity of all future users of his data.

According to particular features, the usage conditions include the right (or not) to edit the data. Thanks to these features, the author decides whether the data can be modified or not.

According to particular features, the usage conditions include the duration of the access rights to the data. Thanks to these features, the author can limit the usage period of his data. Note that this period can be a length of time such as two weeks (e.g. for documents to be signed for a company's general meeting), or a deadline (e.g. for a limited sale offer).

According to particular features, the information that guarantees integrity is a hash value. Thanks to these features, the implementation of the information that guarantees data integrity can be simplified and standardized.

According to particular features, each user has an account with a predetermined number of accesses to data called “stamps”, and each data access or retrieval deducts one “stamp” from the user's account. Thanks to these features, the services provided by implementing the present invention can be paid on demand or by subscription.

According to particular features, the process, as briefly described above, includes, during at least one part of the events affecting the data (e.g. the digital signature), a step of transmitting to the author an acknowledgement of receipt identifying the future user that has triggered the event.

According to particular features, during the event recording step, the IP address and/or the identifier of the future user's internet service provider (ISP) are recorded.

According to particular features, to carry out at least one of the steps of assigning attributes to the data in the IT system of the author, of attributing information that guarantees the integrity of the data, and of storing the data attributes in the remote IT system, the sender user carries out a selection step, which is equivalent to a mouse click displaying a menu that includes an identification of the process object of the present invention. With specific characteristics, when the user opens a data file, by said selection he/she triggers the process object of the present invention on said data file. According to particular features, the selection step is carried out by a right-click of the mouse.

Thanks to these features, the use of the process object of the present invention by the author is user friendly and intuitive.

According to particular features, when the data is modified by a future user during a predetermined event, the remote IT system records the modifications of the data. Thanks to these features, the author is informed of the modifications of his data.

According to particular features, the digital conditioning attributes determine which future users will be authorised to sign the data.

According to particular features, for at least one predetermined event, the digital conditioning attributes allocated during the data attributes allocation step represent an identification of at least one future user. These digital conditioning attributes are called “notarization criteria”. Thanks to these features, the author can choose the future users and, among those, the future users with permission to sign the data.

According to particular features, for at least one predetermined event, the digital conditioning attributes allocated during the data attributes allocation step represent a usage conditioning of the data. These digital conditioning attributes are called “control attributes”. Thanks to these features, the author can choose which uses of the data are authorised: for instance, read, download, edit.

Note that notarization criteria and control attributes can be combined so that any future user may be granted specific usage rights. For example, a lawyer could have data editing rights, a signatory may have downloading rights, and a non-signatory user simple read rights.

According to particular features, the process includes a step of transmitting, to each author and to each signatory user, an identification of at least one predetermined event, the occurrence date of each predetermined event and the identification of the future user triggering the event.

Thanks to these features, the author and the signatory users are informed of events corresponding to the predetermined events linked with the “notarization criteria” affecting the data, prior to their last connections to the remote IT system.

According to particular features, the process includes, in the IT systems of the author and of the signatory users, a step of bundling those events corresponding to the predetermined events called “notarization criteria” with the bundle called “envelope” initially created.

Thanks to these features, the bundle called “envelope” helps identify the events affecting the data, even if it is duplicated outside the current IT system of the user.

According to particular features, each remote IT system is controlled by another remote IT system called “post office”. Thanks to these features, the post office keeps the envelopes sent by the remote IT systems.

According to particular features, the process, as briefly described above, includes a step of bundling the events with the envelope in each IT system of each author and of each signatory user.

With the current techniques, when the author of a document wishes to obtain the signatures of several people and, once he has obtained all the signatures, wants to obtain their acknowledgements of receipt, he must carry out the following operations:

-   the author must identify himself/herself as author,
-   the author sends the document to the first signatory, who signs it and then sends it to the second signatory, and so on until all signatories have signed,
-   the author can only send the document signed by all signatories once they have all signed the document.

The first drawback of this situation is that, unless all signatories can be reached at once, only one person has all the preceding signatures.

The second drawback is that acknowledgements of receipt are sent to one person only, who has to warn the other signatories.

A second aspect of the present invention aims at overcoming these drawbacks. To that effect, the present invention relates to a data processing process, characterized by:

-   for at least one predetermined event affecting the data, a step of allocating attributes called “digital conditioning notarization” to that data, step in which the digital conditioning attributes represent the identification of at least one future user,
-   a step of creating, in the IT system of the author, an <<envelope>> file which contains the data, the digital conditioning attributes pertaining to said data, and information that guarantees the integrity of said data,
-   a step of transmitting to each author and to each signatory user an identifier of the event corresponding to a predetermined event using a digital conditioning notarization attribute, the date of the event and the identification of the future user originating the event, and
-   in the IT systems of each author and of each signatory user, a step of bundling the events with the envelope.

Thanks to these features, the bundling step allows a synchronized and therefore fast update of the envelopes of each author and of each signatory user.

Under a third aspect, the present invention aims at a data protection process characterized by:

-   a step of recording, in a remote IT system, attributes of said data from the IT system of an author,
-   for each predetermined event related to the data, a step of storing, in the remote IT system, in relation with the attributes of the data, an identifier and the date of the event, and
-   at each connection between the author's IT system and the remote system, a step of updating and storing attributes of said data in the IT system of the author, so that the IT system of the author keeps track of the identifier of all the events concerning the data, the identifier of the user at the origin of the event and the date of the event.

Under a fourth aspect, the present invention relates to a data protection device, characterized by:

-   means for allocating, in the IT system of an author, attributes of “digital conditioning” to the data, attributes corresponding to at least one predetermined event liable to affect the data during its future use,
-   means for attributing, in the IT system of the author, a piece of information that guarantees the integrity of said data,
-   means for creating an <<envelope>> file, in the IT system of the author, envelope file which contains said data, the digital conditioning attributes pertaining to said data, and the information that guarantees the integrity of said data,
-   means for recording, in a remote IT system:
    -   i) the digital conditioning attributes of the data and the information that guarantees the integrity of said data,
    -   ii) for each predetermined event related to said data, in relation with the attributes of said data, an identifier of the event and the date of the event, and
    -   iii) at each connection between the author's IT system and the remote IT system, the predetermined events corresponding to the attributes of the data in the IT system of the author, so that the IT system of the author keeps track of the identifier of all the events concerning the data, the identifier of the user at the origin of the event and the date of the event.

The advantages and characteristics of the second to fourth aspects of the present invention being identical to those of the first aspect, they will not be repeated here.

Other advantages, objectives and characteristics of the present invention will appear in the description here below, with the appended figures in which:

FIG. 1 represents schematically a particular embodiment of the present invention,

FIG. 2 represents schematically a logical diagram implemented in the first embodiment of the process object of the present invention, and

FIG. 3 represents schematically a logical diagram implemented in a second embodiment of the process object of the present invention.

Before describing the figures, here are definitions of the terms used in the description.

A data <<envelope>> is a document, a file or a conditioned work formed by the contents of data, documents, files or works, referred to as “digital conditioning”.

An <<Au author user>> is an identified user who has been granted envelope creation rights.

A <<Wc works controller>> or “post office” is a subscriber monitoring equipment and an envelope circulation equipment.

A <<Dc device controller>> or <<postal agency>> is a management and control equipment for the Wc “post offices”.

A <<certificate>> is a grouping that makes it possible to check the level of validity of the identity of its owner. In the description, it can take the form of:

-   either an e-mail address, in which case the identification is made during the process of the device Di object of the present invention;
-   or a PKI compliant and/or ITU X509 file, in which case the identification is carried out through a classical public key embedded in the X509 certificate and the validity of the certificate is checked through the trusted third party specified in the X509 certificate.

A hash value or imprint is the contraction of an initial element, such that the initial element cannot be obtained from the hash value and the smallest variation of the initial element modifies the hash value.

A <<conditioning>> is the allocation of attributes to data, a file, a document or a piece of work in order to protect them with the present invention and, in some particular embodiments, to guarantee the notarization parameters and control their future circulation and/or modification.

<<Digital conditioning attributes>> are information representative of predetermined events liable to affect said data during its future use.

<<Circulation control>> means the elements ensuring data traceability and deciding on their usage conditions.

A <<work>> is any document or set of digitizable documents. This notion includes any type of data, files or documents.

<<Notarization>> is the recording of key elements of the transaction between two parties by an authorised third party. This technique improves the security of an EDI system since it ensures the various tasks of recording and storing sent and received transactions (integrity, origin, date and destination of the data) through an authorised third party that is trusted. The third party must acquire the necessary information through protected communications and store it.

FIG. 1 shows four entities implementing the first embodiment of the present invention:

-   the Au author user, also called “sender subscriber”,
-   the recipient user, also called “future user” Fu,
-   a Wc works controller, and
-   a Dc device controller.

The first embodiment illustrated by FIG. 1 also implements a De equipment dedicated to the implementation of the process object of the present invention as well as the other processes Pv, Pa, Pc, Pu and Px described herein. The produced conditioned document is symbolised in FIG. 1 by an envelope. The date stamp acquired through a trustworthy timestamp is symbolized by an analog dial and by the letters “NTP”, referring to the protocol used for timestamp acquisition.

In the first specific embodiment of the present invention illustrated in FIG. 1, the Wc works controller is in charge of user management (adding, modifying, cancelling) and of the remote control of emitted works, and the Dc device controller is in charge of the management of the Wc “post offices” (adding, modifying, cancelling) and of the remote control of their proper running.

The Wc works controller submits, at each connection, the Au author user of the work on the Di device to a Pa authentication process. The Wc works controller also carries out a Pc conditioning process of the creative work, and receives and stores, for later comparison in a Pu usage process, all of the work's digital conditioning attributes on the De equipment device it uses in the Di device.

As illustrated in FIG. 2, the Pc conditioning process of the digital work O consists of:

-   step 101, for the Au author user, to create an empty conditioned document, called envelope, on the De equipment device he uses on the Di device, and to name it;
-   step 102, for the Au author user, to bundle the Cp core part of the envelope, consisting of the contents of the Ec work to be inserted, optionally of the author certificate, of a free notepad zone and of the Nc “notarization” criteria of the envelope, criteria that will allow the adjoining of a secondary envelope Se during the Px “constitute annex” process of the envelope:
    -   the future signatory users, in the form of a list Sc of signatory certificates,
    -   the future recipient users, in the form of a list R1 of recipient certificates;
-   step 103, for the Au author user, to define the list of the operations Oo to carry out on opening the envelope: control of usage conditions (period, frequency, . . . ), routines to be executed (identification, payment, . . . ). Generally speaking, the Di device will only allow access to the contents of the envelope once all the verifications have been made during the Pu usage process;
-   step 104, for the Au author user, to go through the Pa authentication process;
-   step 105, for the Au author user, to send to the Wc works controller an envelope creation request to which the Au author user adds the digital conditioning attributes of the envelope:
    -   the Nc notarization criteria of the envelope, and
    -   the Oo list of operations to be performed when opening;

-   step 106, for the Wc works controller, to allocate a new instance Ie of the envelope in a Te table of envelopes and to record in the Ie instance line the references of the Au author user; to create a Ct conditioning table dedicated to the new envelope, where the different digital conditioning attributes Nc and Oo of the envelope transmitted by the Au author user will be stored; and to store in the Te table of envelopes, in the line corresponding to the Ie envelope instance, the address of the newly created Ct conditioning table;

-   step 107, for the Wc works controller, to transmit to the Au author user:
    -   the Ie instance number of the envelope, and
    -   the Ha hash algorithm type to be used;
-   step 108, for the Au author user, to generate the Hw hash value of the work by applying the received Ha hash algorithm to the Cp core part of the envelope;
-   step 109, for the Au author user, to transmit the Hw hash value to the Wc works controller;
-   step 110, for the Wc works controller, to receive from a trustworthy timestamp the current date and time, using NTP (Network Time Protocol); to generate a Th timestamp hash value by applying the Ha hash algorithm to a bundle of the Ie instance number of the envelope, the Hw work hash value and the current date and time;
-   step 111, for the Wc works controller, to store in the Te envelopes table, in the line corresponding to the Ie envelope instance:
    -   a) the Hw work hash value,
    -   b) the date and time of creation of the envelope, as well as
    -   c) the type of Ha hash algorithm used to generate the Th timestamped hash value;
    and to produce a Sh signed timestamped hash value by encrypting the Th timestamped hash value with the current private key of the Wc works controller;
-   step 112, for the Wc works controller, to generate a pair of keys dedicated to the new envelope instance, one private key Kv and one public key Kq, according to a key generation algorithm Ak, and to store in the Te table of envelopes, in the line corresponding to the Ie envelope instance, its current works generator certificate and the Kq public key which will enable access to the contents of the work, while the Kv private key is not kept after the Pc conditioning process;
-   step 113, for the Wc works controller, to transmit to the Au author user a bundle consisting of:
    -   the Ac/Ak encryption method and the Kv key,
    -   the date and time of the envelope creation,
    -   the Sh timestamped signed hash value,
    -   its X509 Wc controller certificate;
-   step 114, for the Au author user, to verify the Sh timestamped signed hash value with the public key embedded in the Wc controller certificate;
-   step 115, for the Au author user, to encrypt the Cp core part of the envelope with the Ac/Ak encryption method and the Kv key; to form the bundle of the contents of the envelope, composed of:
    -   a version number of the envelope format,
    -   an X509 certificate of the Wc works controller,
    -   the instance number In of the envelope,
    -   the date and time of the envelope creation,
    -   the Sh timestamped signed hash value,
    -   the encrypted core part of the envelope,
    -   the Oo list of operations to be performed when opening;
-   step 116, for the Au author user and the Wc works controller, to calculate and store, each one separately, the update of the Cq sequence control, obtained by applying a Ha hash algorithm to a chain consisting, on the one hand, of the hash value of the log of the transactions carried out by the user and, on the other hand, of the last transactions carried out by the Au author user; then to transmit said Cq sequence control to the Dc device controller;
-   step 117, for the Dc device controller, to validate that the transaction has been carried through with both parties Au and Wc, by comparing the Cq sequence controls respectively updated by the two parties Au and Wc, and also by checking the consistency of the date and time sent by Wc;
-   step 118, for the Au author user, to seal the envelope, hereafter named “sealed envelope”, by saving it in the form of a file on the De equipment device that the Au author user uses on the Di device;
-   step 119, for the Au author user, to transmit the closed envelope to the first signatory S1 of the list Sc or, if there is no signatory, to all the future users of the R1 recipients list.
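The integrity part of steps 106 to 115 (Hw over the core part, Th over Ie, Hw and the creation date, Sh over Th, the envelope bundle), followed by the check a works controller can run when the sealed envelope is presented to it again, as an added Python example that is not part of the patent. It assumes Ha is SHA-256, uses an HMAC under a key held only by Wc as a stand-in for the Sh private-key signature (so Sh is checked at Wc rather than by Au as in step 114), leaves out the encryption of step 115, and uses constructed sample values with a placeholder for the Wc certificate.

```python
# Added example, not the patent's own code: the integrity part of the Pc
# conditioning process (steps 106 to 115) and the check a Wc works controller
# can run when a sealed envelope comes back to it.  Standard library only.
# Assumptions (mine): Ha is SHA-256; the Sh "signed timestamped hash" is an
# HMAC-SHA256 under a key only Wc holds, so Sh is verified at Wc (the patent
# uses a private-key signature checked with the Wc X509 certificate); the
# encryption of the core part Cp in step 115 is left out, so Cp travels in
# clear; the Wc certificate field is a constructed placeholder.
import hashlib
import hmac
import json
from datetime import datetime, timezone

ENVELOPE_FORMAT_VERSION = 1


def ha(data: bytes) -> bytes:
    """The Ha hash algorithm (SHA-256 assumed)."""
    return hashlib.sha256(data).digest()


def th_input(ie: int, hw: bytes, created: str) -> bytes:
    """Bundle hashed in step 110: instance number Ie, work hash Hw, date and time."""
    return ie.to_bytes(8, "big") + hw + created.encode()


class WorksController:
    """Wc: holds the Te envelopes table and one Ct conditioning table per envelope."""

    def __init__(self, signing_key: bytes, clock):
        self.signing_key = signing_key   # stand-in for the Wc private key
        self.clock = clock               # trusted time source (NTP in the patent)
        self.te = {}                     # Te: Ie -> envelope line
        self.ct = {}                     # Ct: Ie -> digital conditioning attributes
        self.next_ie = 1

    def create_envelope(self, author_id: str, nc: dict, oo: list) -> tuple:
        """Steps 106-107: allocate Ie, store Nc and Oo, return Ie and the Ha type."""
        ie, self.next_ie = self.next_ie, self.next_ie + 1
        self.ct[ie] = {"Nc": nc, "Oo": oo}
        self.te[ie] = {"author": author_id}
        return ie, "sha256"

    def timestamp(self, ie: int, hw: bytes) -> dict:
        """Steps 110-111 and 113: compute Th and Sh, record Hw and the date in Te."""
        created = self.clock().isoformat()
        th = ha(th_input(ie, hw, created))
        sh = hmac.new(self.signing_key, th, hashlib.sha256).hexdigest()
        self.te[ie].update({"Hw": hw.hex(), "created": created, "Ha": "sha256"})
        return {"Ie": ie, "created": created, "Sh": sh}

    def check_envelope(self, envelope: dict) -> bool:
        """Re-open a sealed envelope: Hw must match Te and Sh must match the Te line."""
        line = self.te.get(envelope.get("Ie"))
        if line is None or line["created"] != envelope.get("created"):
            return False
        hw = ha(envelope["Cp"].encode())
        if hw.hex() != line["Hw"]:
            return False                 # core part changed since conditioning
        th = ha(th_input(envelope["Ie"], hw, envelope["created"]))
        expected = hmac.new(self.signing_key, th, hashlib.sha256).hexdigest()
        return hmac.compare_digest(expected, envelope["Sh"])


def condition_work(wc: WorksController, author_id: str, cp: str,
                   nc: dict, oo: list) -> dict:
    """Au side of steps 105, 108, 109 and 115: request Ie, hash Cp, bundle the envelope."""
    ie, _ha_type = wc.create_envelope(author_id, nc, oo)
    hw = ha(cp.encode())                 # step 108: Hw over the core part Cp
    stamp = wc.timestamp(ie, hw)         # steps 109 to 113 round trip with Wc
    return {                             # step 115: the envelope contents bundle
        "version": ENVELOPE_FORMAT_VERSION,
        "Wc_certificate": "CONSTRUCTED-WC-CERT-ID",   # placeholder (see header)
        "Ie": ie,
        "created": stamp["created"],
        "Sh": stamp["Sh"],
        "Cp": cp,
        "Oo": oo,
    }


def demo() -> tuple:
    """Condition a constructed work, then show that an altered core part is rejected."""
    fixed_clock = lambda: datetime(2024, 1, 2, 3, 4, 5, tzinfo=timezone.utc)
    wc = WorksController(signing_key=b"constructed-wc-key", clock=fixed_clock)
    nc = {"Sc": ["signatory1@example.invalid"], "R1": ["reader@example.invalid"]}
    oo = ["identification", "usage-period:14d"]
    env = condition_work(wc, "author@example.invalid",
                         "constructed minutes of the general meeting", nc, oo)
    sealed = json.dumps(env)             # step 118: the file saved on De
    ok = wc.check_envelope(json.loads(sealed))
    tampered = dict(env, Cp=env["Cp"] + " (altered)")
    return ok, wc.check_envelope(tampered)


if __name__ == "__main__":
    print(demo())  # (True, False)
```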

After the Pc conditioning procedure, steps 101 to 119, the author of the work, the Au author user, may have included his author certificate in the Cp core part of the envelope. If he wishes to be a signatory of the work, he must include himself/herself in the Sc signatories list described in the definition of the secondary part Se of the envelope. Thus one can differentiate between the author and the lawyer who draws up a writ: the lawyer is the author of the writ but not a signatory.

The particular embodiment of the process object of the present invention illustrated in FIGS. 1 and 2 also includes a Pa authentication process of an Iu identified user, author user Au or Fu future user, with the Pv control processes and Pc conditioning processes. The authentication process here consists in:

-   step 120, during the first connection, for the Iu identified user, to connect the Sa authentication support, sent during the Pt “contracting” process, to his De equipment device;
-   step 121, for the Iu identified user, to produce a Ci identification hash value by applying the Ha hash algorithm to an identification chain defined by the identified user (for the further steps of the process, the Iu identified user must remember this identification chain, which will be required for each connection);
-   step 122, then, for the Iu identified user, to form a Cc connection chain composed of one fixed contents part and one variable contents part depending on the transactions carried out on the Di device equipment by the Iu user:
    -   a) the Cf fixed part contents is composed of the Ca agreement code found on the support provided by the Pt contract process and of the Ci identification hash value; and
    -   b) the variable part contents Cq, also called sequence control, is obtained by applying a Ha hash algorithm to a chain made, on the one hand, of the hash of the log of the transactions carried out by the user and, on the other hand, of the last transactions carried out by the Iu user;
-   step 123, for the Dc device controller, to receive the Cc connection chain from the Iu identified user, to extract the Ca agreement code, the Ci identification hash value and the Cq variable part contents, to compare the elements Ca and Cq with the corresponding user references stored in the Tu table of identified users and, if consistent, to complete the references of said Tu table by adding the Ci identification hash value;
-   step 124, for the following connections, for the Iu identified user, to connect the Sa authentication support;
-   step 125, for the Iu identified user and the Wc controller of the Di device, to produce, each of them, a Cc connection chain; then, for the Wc controller, to compare the connection chain it has produced with the one produced by the Iu identified user.
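The Cc connection chain of steps 121 to 125, built from the Ca agreement code of step 130, the Ci identification hash and the Cq sequence control that steps 116, 117 and 122 b) describe, as an added Python example that is not part of the patent. It assumes Ha is SHA-256, models the checking side (Dc in step 123, Wc in step 125) as one class, and uses constructed identities and transaction strings; the demo shows that a device copy whose transaction log has fallen behind produces a different Cq and is refused.

```python
# Added example, not the patent's own code: the Cc connection chain of the Pa
# authentication process (steps 120 to 125), built from the Ca agreement code
# (step 130), the Ci identification hash (step 121) and the Cq sequence control
# that steps 116-117 and 122 b) define.  Standard library only.  Assumptions
# (mine): Ha is SHA-256, transactions are plain strings, the checking side (Dc
# in step 123, Wc in step 125) is one class, and all sample values are constructed.
import hashlib
import hmac

DIGEST_LEN = 32                         # SHA-256 output length


def ha(data: bytes) -> bytes:
    """The Ha hash algorithm (SHA-256 assumed)."""
    return hashlib.sha256(data).digest()


def sequence_control(transaction_log: list, last_transactions: list) -> bytes:
    """Cq (steps 116, 122 b): Ha over [Ha(transaction log) || last transactions]."""
    log_hash = ha("\n".join(transaction_log).encode())
    return ha(log_hash + "\n".join(last_transactions).encode())


def connection_chain(ca: bytes, ci: bytes, cq: bytes) -> bytes:
    """Cc (step 122): fixed part Cf = Ca || Ci, followed by the variable part Cq."""
    return ca + ci + cq


class IdentifiedUser:
    """Iu: holds Ca read from the Sa support, the memorised secret chain, its own log."""

    def __init__(self, ca: bytes, identification_chain: str):
        self.ca = ca
        self.ci = ha(identification_chain.encode())     # Ci, step 121
        self.log = []

    def connect(self, last_transactions: list) -> bytes:
        """Steps 122 and 125: produce Cc for this connection."""
        return connection_chain(self.ca, self.ci,
                                sequence_control(self.log, last_transactions))

    def commit(self, transactions: list) -> None:
        self.log.extend(transactions)


class Controller:
    """Dc/Wc side: the Tu table of identified users keyed by Ca, each with its log."""

    def __init__(self):
        self.tu = {}

    def enrol(self, identity_chain: str) -> bytes:
        """Pt contracting, steps 130-132: Ca = Ha(identity chain), open the Tu line."""
        ca = ha(identity_chain.encode())
        self.tu[ca] = {"identity": identity_chain, "Ci": None, "log": []}
        return ca

    def first_connection(self, cc: bytes) -> bool:
        """Step 123: extract Ca, Ci, Cq; check Ca and Cq against Tu; record Ci."""
        ca, ci, cq = cc[:DIGEST_LEN], cc[DIGEST_LEN:2 * DIGEST_LEN], cc[2 * DIGEST_LEN:]
        ref = self.tu.get(ca)
        if ref is None or ref["Ci"] is not None:
            return False
        if not hmac.compare_digest(cq, sequence_control(ref["log"], [])):
            return False
        ref["Ci"] = ci
        return True

    def connection(self, cc: bytes, last_transactions: list) -> bool:
        """Step 125: rebuild Cc from Tu and its own log, compare with the user's Cc."""
        ref = self.tu.get(cc[:DIGEST_LEN])
        if ref is None or ref["Ci"] is None:
            return False
        expected = connection_chain(cc[:DIGEST_LEN], ref["Ci"],
                                    sequence_control(ref["log"], last_transactions))
        if not hmac.compare_digest(cc, expected):
            return False
        ref["log"].extend(last_transactions)  # both sides now share the same log
        return True


def demo() -> tuple:
    """Enrol, connect twice, then show a user copy whose log diverged being refused."""
    ctrl = Controller()
    ca = ctrl.enrol("DOE;John;1970-01-01;Paris")          # constructed identity chain
    user = IdentifiedUser(ca, "constructed secret phrase")
    first = ctrl.first_connection(user.connect([]))        # steps 120 to 123
    t1 = ["T1 envelope 1 created"]
    second = ctrl.connection(user.connect(t1), t1)         # step 125, logs agree
    user.commit(t1)
    t2 = ["T2 envelope 1 sent to S1"]
    stale = IdentifiedUser(ca, "constructed secret phrase")  # device copy lacking T1
    third = ctrl.connection(stale.connect(t2), t2)         # Cq differs, refused
    fourth = ctrl.connection(user.connect(t2), t2)         # up-to-date copy accepted
    return first, second, third, fourth
```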

The particular embodiment of the process object of the present invention illustrated in FIG. 1 also includes a Pt contract process, following an attempt by a user to identify himself/herself and/or to subscribe on the Di device, which is characterised, for the Wc works controller, by the production of an Sa authentication support, delivered to the Iu identified user following the Pa authentication process and the Pc conditioning process, and which consists, for the Wc works controller, of:

-   step 130, to produce a Ca agreement code by applying a Ha hash algorithm to an identity chain provided by the Iu user. The identity chain is composed of several elements regarding the identity of the Iu identified user (for example, for a private natural person: name, first name, date and place of birth);
-   step 131, to produce an email address specific to the Iu identified user, such as user@device.com;
-   step 132, to record the identity chain and the email address in a Tu identified users table, stored on the De equipment device used in the Di device;
-   step 133, to register the Ca agreement code and the email address on a physical Sa authentication support;
-   step 134, to deliver the Sa authentication support to the Iu user.

The particular embodiment of the process object of the present invention as illustrated in FIG. 1 also includes a Pu usage process of the envelope, following the Pv control process and the Pc conditioning process. This process is characterized by the implementation of the digital conditioning attributes contained in the envelope upon access to said envelope by a Fu future user, and particularly by:

-   a step of checking that the usage conditions of the data are respected, and
-   for each predetermined event defined during the conditioning process, a step of storing said event in the remote IT system and then transmitting it to the IT system of the author user.

The Pu usage process consists in:

-   step 141, for the Fu future user, to execute a first unbundling of a closed envelope, from which are retrieved:
    -   a version number of the envelope format,
    -   an X509 certificate of the Wc works controller,
    -   the In instance number of the envelope,
    -   the date and time of the envelope creation,
    -   the Th timestamped signed hash value,
    -   the encrypted core part of the envelope,
    -   the list of operations Oo to be carried out upon opening, and
    -   the secondary part Se, added during the Px process.
-   step 142, for the Fu future user, to connect to the Wc works controller determined during the first unbundling and to send it the In instance number of the envelope.
-   step 143, for the Wc works controller, to point, in the table of envelopes Te, to the instance corresponding to the received In instance number.
-   step 144, for the Wc works controller, to verify in the Ct conditioning table of the envelope pointed to whether all the visas of the future users of the Sc signatories list and of the future users of the R1 recipients list have been stored. If so, the Wc works controller authorises the Fu future user to go ahead with the process; if not, the Wc works controller launches the “constitute annex” Px process.
-   step 145, for the Fu future user, to execute the actions of the list of operations Oo to be executed upon opening, and to transmit to the Wc works controller a bundle formed of the reports of the executed actions.
-   step 146, for the Wc works controller, to validate this report by transmitting to the Fu future user a bundle formed of the Kp public key and of the Ac deciphering and Ha hashing algorithm types, all being memorised in the instance pointed at in the table of envelopes Te.
-   step 147, for the Fu future user, to decipher the Cp core part of the envelope by using the Kp public key and the received Ac encryption algorithm.
-   step 148, for the Fu future user, to debundle the Cp core part of the envelope and to open its contents:
    -   the contents of the Ec work,
    -   the optional author certificate,
    -   the optional notes, and
    -   the Nc notarization criteria (list of the signatory certificates Sc and of the recipient certificates R1).
-   step 149, for the Fu future user, to debundle the secondary part Se, where are found, in their order of appearance on the Sc and R1 lists, for each signatory and each recipient:
    -   the certificate of the signatory of the hash value Sh,
    -   the date and time stamp of the visa, and
    -   the Sh timestamped signed hash value.
-   step 150, for the Fu future user, to proceed, if he so wishes, to various checks, such as verifying:
    -   a. the contents of the envelope, its creation date and the identity of its author, by deciphering the Sh timestamped signed hash value using the elements included in the X509 certificate embedded in the envelope and by comparing it against the hash value resulting from the different elements of the envelope (the Ie instance number of the envelope, the Hw work hash value, the current date and time and a Ha hash algorithm; the Hw work hash value corresponds to the hashing of the Cp core part of the envelope);
    -   b. in a similar manner, the identity of the signatories or recipients and the date of their visas, by using the timestamped signed hash values and the certificates included in the secondary part Se of the envelope;
    -   c. requesting confirmation from the Wc works controller by transmitting the different timestamped hash values resulting from the previous checks a. and b.
-   step 151, for the Wc works controller, upon request of a Fu future user, to compare the timestamped hash values transmitted by the Fu future user with the initial timestamped hash values, one of them being stored in the table of envelopes Te at the instance pointed at during the Pu usage process, and the other ones in the corresponding Ct conditioning table.
-   step 152, for the Wc works controller, to receive the current date and time from a trustworthy timestamp source using NTP (Network Time Protocol);
-   step 153, for the Wc works controller, to produce a Th timestamped hash value by applying a hash algorithm to a bundle formed of:
    -   a. the confirmation text and
    -   b. the date and time of confirmation;
-   step 154, for the Wc works controller, to produce a signed timestamped hash value by the encryption of the Th timestamped hash value with the current private key of the Wc works controller;
-   step 155, for the Wc works controller, to produce a signed confirmation by forming a bundle composed of:
    -   a. the confirmation text,
    -   b. the date and time of confirmation,
    -   c. the signed timestamped hash value, and
    -   d. its X509 Wc controller certificate;
-   step 156, for the Wc works controller, to transmit the signed confirmation to the Fu future user.

The particular embodiment of the process object of the present invention as illustrated in FIGS. 1 and 2 also includes a “constitute annex” Px process of the envelope, following the Pu usage process. This process allows:

-   to inform the author user and the signatory users of events corresponding to predetermined events called “notarization criteria”, and
-   to bundle these events with the initial envelope, so as to keep this information even if the envelope is duplicated outside the usual IT system of the user.

The Px process consists in:

In a first phase,

-   step 160, for the Wc works controller, to identify, in the Ct conditioning table of the envelope pointed to during the Pu usage process, the first signatory of the Sc list with a missing visa or, if all the visas of the signatories are present, to go to the second phase.
-   step 161, for the Wc works controller, to submit the Fu future user to a Pa authentication process. In case the Fu future user is not an Iu identified user for the system, to request from him/her a signed X509 identity certificate, to control its signature and to check its validity (non-revoked) through the trusted third party specified in said certificate.
-   step 162, for the Wc works controller, to validate this identification by transmitting to the Fu future user a bundle formed of the Kp public key and of the Ac deciphering and Ha hashing algorithm types to be used, the whole being stored in the table of envelopes Te at the instance pointed at during the Pu usage process.
-   step 163, for the Fu future user, to decipher the Cp core part of the envelope by using the Kp public key and the received type of Ac encryption algorithm.
-   step 164, for the Fu future user, to debundle the Cp core part of the envelope and to open its contents:
    -   the contents of the Ec work,
    -   the optional author certificate,
    -   the optional notes, and
    -   the Nc notarization criteria (list of the signatory certificates Sc and list of the recipients R1).
-   step 165, for the Fu future user, to generate the Hw hash value of the work by applying the received Ha hash algorithm to the Cp core part of the envelope.
-   step 166, for the Fu future user identified by the system, to transmit the Hw hash value to the Wc works controller;
-   step 167, for the Fu future user not identified by the system, to sign the Hw hash value by applying to it an encryption algorithm using the private key corresponding to the X509 certificate already transmitted, then to transmit the Hw hash value together with the signed hash value to the Wc works controller.
-   step 168, for the Wc works controller, to control the received hash value (previously deciphered, in the case of a signed hash value) by comparing it with the hash value stored in the table of envelopes Te during the Pc conditioning process of the envelope.
-   step 169, for the Wc works controller, to receive the current date and time from a trustworthy timestamp source using NTP (Network Time Protocol).
-   step 170, for the Wc works controller, to generate a Th timestamped hash value by applying an Ha hash algorithm to a bundle of the In instance number of the envelope, of the hash value of the Cp core part of the envelope (together with the signed hash value for non-identified users) and of the current date and time.
-   step 171, for the Wc works controller, to store in the Ct conditioning table of the envelope pointed to during the Pu usage process, for the signatory of the Sc list with a missing visa:
    -   a. the Hw hash value (and, for non-identified users, the signed hash value),
    -   b. the date and time of the visa, as well as
    -   c. the type of Ha hash algorithm used to generate the Th timestamped hash value.
-   step 172, for the Wc works controller, to generate, for the new signatory, a pair of keys, one private key Kv and one public key Kq, with an Ak key generation algorithm, the Kv private key not being kept after the “constitute annex” Px process.
-   step 173, for the Wc works controller, to produce a Sh signed timestamped hash value by the encryption of the Th timestamped hash value with the Kv private key generated for the new signatory.
-   step 174, for the Wc works controller, to store in the pointed Ct conditioning table dedicated to the Ie envelope instance:
    -   a. the Kq public key of the transaction (with its X509 Wc controller certificate in the case of a non-identified user), these elements being used to verify the timestamped signed hash value,
    -   b. the date and time of the visa of the signatory, and
    -   c. the signed timestamped hash value.
-   step 175, for the Wc works controller, to transmit to the Fu future user a bundle formed of:
    -   a. the Kq public key of the transaction (with its X509 Wc controller certificate in the case of a non-identified user), these elements being used to verify the timestamped signed hash value,
    -   b. the date and time of the visa of the signatory, and
    -   c. the signed timestamped hash value.
-   step 176, for the Wc works controller, to transmit this bundle to all the other signatories who have stamped the envelope and who are listed in the Sc list.
-   step 177, for the Fu future user and the previous signatories, to add the received bundle to the contents of the secondary part Se of the envelope.
-   step 178, for the identified Fu future user and the Wc works controller, to calculate and store, each, the update of the Cq sequence control, obtained by applying an Ha hash algorithm to a chain consisting, on the one hand, of a hash value of the log of the transactions carried out by the user and, on the other hand, of the last transactions carried out by the Fu user.
-   step 179, for the Fu future user, to transmit said Cq sequence control to the Dc device controller.
-   step 180, for the Dc device controller, to validate that the transaction has been carried through with both parties Au and Wc, on the one hand by comparing the Cq sequence controls respectively updated by the two parties Au and Wc and, on the other hand, by checking the consistency of the date and time sent by Wc.
-   step 181, for the Fu future user, whether identified or not, to transmit the sealed envelope and its secondary part to the next signatory of the Sc list or, if there is no further signatory, to all recipients of the R1 list.
-   step 182, for the Fu future user identified by the system, to end the process by retrieving his/her Sa authentication support.

In a second phase,

-   step 183, for the Wc works controller, to store in the Ct conditioning table pointed to during the Pu usage process the recipients of the R1 list with a missing visa.
-   step 184, for the Wc works controller, to submit the Fu future user to a Pa authentication process. In case the Fu future user is not an Iu identified user for the system, to request from him/her a signed X509 identity certificate, to control its signature and to check its validity (non-revoked) through the trusted third party specified in said certificate. In case the Fu future user does not have an X509 certificate, to request from him/her a Cr confirmation of receipt in an email, the confirmation including:
    -   a. the In instance number of the envelope,
    -   b. the Sh timestamped signed hash value,
    -   c. if possible, the serial number of his/her De equipment device, and
    -   d. his/her email address.
-   step 185, for the Wc works controller, to validate this identification by transmitting to the Fu future user a bundle formed of the Kp public key and of the Ac deciphering and Ha hashing algorithm types to be used, the whole being stored in the table of envelopes Te at the instance pointed at during the Pu usage process.
-   step 186, for the Fu future user, to decipher the Cp core part of the envelope by using the Kp public key and the received type of Ac encryption algorithm.
-   step 187, for the Fu future user, to debundle the Cp core part of the envelope and to open its contents:
    -   a. the contents of the Ec work,
    -   b. the optional author certificate,
    -   c. the optional notes, and
    -   d. the Nc notarization criteria (list of the signatory certificates Sc and list of the recipients R1);
-   step 188, for the Fu future user, to generate the Hw hash value of the work by applying the received Ha hash algorithm to the Cp core part of the envelope.
-   step 189, for the Fu future user not identified by the system but having an X509 certificate, to sign the Hw hash value by applying to it an encryption algorithm using the private key corresponding to the X509 certificate already transmitted, then to transmit the Hw hash value together with the signed hash value to the Wc works controller.
-   step 190, for the Wc works controller, to control the received hash value (previously deciphered, in the case of a signed hash value) by comparing it with the hash value stored in the table of envelopes Te during the Pc conditioning process of the envelope.
-   step 191, for the Wc works controller, to receive the current date and time from a trustworthy timestamp source using NTP (Network Time Protocol).
-   step 192, for the Wc works controller, to generate a Th timestamped hash value by applying an Ha hash algorithm to a bundle of the Ie instance number of the envelope, of the hash value of the Cp core part of the envelope (together with either the signed hash value for non-identified users or a Cr confirmation of receipt) and of the current date and time.
-   step 193, for the Wc works controller, to store in the Ct conditioning table of the envelope pointed to during the Pu usage process, for the recipient of the R1 list with a missing visa:
    -   a. the Hw hash value (together with either the signed hash value for non-identified users or a Cr confirmation of receipt),
    -   b. the date and time of the visa, as well as
    -   c. the type of Ha hash algorithm used to generate the Th timestamped hash value.
-   step 194, for the Wc works controller, to generate, for the new recipient, a pair of keys, one private key Kv and one public key Kq, with an Ak key generation algorithm, the Kv private key not being kept after the “constitute annex” Px process.
-   step 195, for the Wc works controller, to produce a Sh signed timestamped hash value by the encryption of the Th timestamped hash value with the Kv private key generated for the new recipient.
-   step 196, for the Wc works controller, to store in the pointed Ct conditioning table dedicated to the Ie envelope instance:
    -   a. the Kq public key of the transaction (with either its X509 Wc controller certificate in the case of a non-identified user, or a Cr confirmation of receipt), these elements being used to verify the timestamped signed hash value,
    -   b. the date and time of the visa of the recipient, and
    -   c. the signed timestamped hash value.
-   step 197, for the Wc works controller, to transmit to the Fu future user a bundle formed of:
    -   a. the Kq public key of the transaction (with either its X509 Wc controller certificate in the case of a non-identified user, or a Cr confirmation of receipt), these elements being used to verify the timestamped signed hash value,
    -   b. the date and time of the visa of the recipient, and
    -   c. the signed timestamped hash value.
-   step 198, for the Wc works controller, to transmit this bundle to all the other signatories who have stamped the envelope and who are listed in the Sc list.
-   step 199, for the Fu future user and the previous signatories, to add the received bundle to the contents of the secondary part Se of the envelope.
-   step 200, for the identified Fu future user and the Wc works controller, to calculate and store, each one separately, the update of the Cq sequence control, obtained by applying an Ha hash algorithm to a chain consisting, on the one hand, of a hash value of the log of the transactions carried out by the user and, on the other hand, of the last transactions carried out by the Fu user; and to transmit said Cq sequence control to the Dc device controller.
-   step 201, for the Dc device controller, to validate that the transaction has been carried through with both parties Fu and Wc, on the one hand by comparing the Cq sequence controls respectively updated by the two parties Fu and Wc and, on the other hand, by checking the consistency of the date and time sent by Wc.
-   step 202, for the Fu future user identified by the system, to end the process by retrieving his/her Sa authentication support.
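The visa mechanics shared by the Pu usage process (step 144 and the check of step 150 b) and by both phases of the Px “constitute annex” process (steps 168 to 175 and 190 to 197), as an added worked example in Python that is not part of the patent. It assumes SHA-256 as the Ha hash algorithm, a JSON serialisation of the Th bundle, in-memory stand-ins for the Te and Ct tables, and a textbook RSA written here for the Ak key generation and the “encryption of Th with the private key” (unpadded, for illustration only); the signatory names, envelope instance number, core part and visa dates are constructed.

```python
import hashlib
import json
import random
import secrets

HA = "sha256"  # Ha hash algorithm; SHA-256 assumed (the page names SHA and MD5)
# Ak key generation and signing below are textbook RSA written for this example only; a
# raw digest is signed without padding for illustration, real systems use RSA-PSS from a library.
def _is_probable_prime(n: int, rounds: int = 25) -> bool:
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):  # Miller-Rabin witnesses
        x = pow(random.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def _random_prime(bits: int) -> int:
    while True:
        candidate = secrets.randbits(bits) | (1 << (bits - 1)) | 1  # odd, full bit length
        if _is_probable_prime(candidate):
            return candidate

def ak_keygen(bits: int = 512):
    e = 65537
    while True:
        p, q = _random_prime(bits // 2), _random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:
            return (p * q, e), (p * q, pow(e, -1, phi))  # (Kq public, Kv private)

def sign(digest_hex: str, kv) -> int:
    n, d = kv  # the page's "encryption of Th with the Kv private key"
    return pow(int(digest_hex, 16), d, n)

def signature_matches(signature: int, digest_hex: str, kq) -> bool:
    n, e = kq
    return pow(signature, e, n) == int(digest_hex, 16)

def ha(data: bytes) -> str:
    return hashlib.new(HA, data).hexdigest()

def th_timestamped_hash(instance_no: str, hw: str, when: str) -> str:
    """Th (steps 170, 192): Ha over the bundle (In, Hw, date and time, Ha type)."""
    return ha(json.dumps([instance_no, hw, when, HA]).encode())

class WorksController:
    """Wc with its Te table of envelopes and Ct conditioning tables (in-memory, constructed)."""
    def __init__(self):
        self.te = {}  # In -> {"hw": Hw, "sc": signatories, "r1": recipients}
        self.ct = {}  # In -> {party -> visa bundle}

    def condition(self, instance_no: str, core_part: bytes, sc: list, r1: list) -> str:
        # Pc conditioning: keep Hw with the Sc and R1 lists; the Ct table starts empty
        self.te[instance_no] = {"hw": ha(core_part), "sc": list(sc), "r1": list(r1)}
        self.ct[instance_no] = {}
        return self.te[instance_no]["hw"]

    def all_visas_present(self, instance_no: str) -> bool:
        env = self.te[instance_no]  # step 144: every Sc signatory and R1 recipient has a visa
        return all(p in self.ct[instance_no] for p in env["sc"] + env["r1"])

    def constitute_annex(self, instance_no: str, party: str, hw_from_user: str, when: str):
        """Steps 168-175 / 190-197: check Hw, build Th, sign with a one-off Kv, store in Ct."""
        env = self.te[instance_no]
        if party not in env["sc"] + env["r1"] or party in self.ct[instance_no]:
            return None
        if hw_from_user != env["hw"]:  # step 168/190: Hw must match the conditioned work
            return None
        kq, kv = ak_keygen()  # step 172/194: one-off pair; Kv is dropped when this call returns
        bundle = {"party": party, "kq": kq, "when": when,
                  "sh": sign(th_timestamped_hash(instance_no, hw_from_user, when), kv)}
        self.ct[instance_no][party] = bundle  # step 174/196
        return bundle  # step 175/197: sent to Fu and appended to the Se secondary part

def verify_secondary_part(se: list, instance_no: str, hw: str) -> bool:
    """Future user's check (step 150 b): each visa in Se verifies against a recomputed Th."""
    return bool(se) and all(
        signature_matches(v["sh"], th_timestamped_hash(instance_no, hw, v["when"]), v["kq"])
        for v in se)

def demo() -> dict:
    wc = WorksController()
    core = b"contract text v1"  # Cp core part of the envelope (constructed)
    hw = wc.condition("0001", core, sc=["alice", "bob"], r1=["carol"])
    se = [wc.constitute_annex("0001", "alice", ha(core), "2024-01-01T10:00:00Z"),
          wc.constitute_annex("0001", "bob", ha(core), "2024-01-02T10:00:00Z")]
    tampered = wc.constitute_annex("0001", "carol", ha(b"contract text v2"), "2024-01-03T10:00:00Z")
    forged = dict(se[0], when="2023-12-31T00:00:00Z")  # a visa whose date was altered
    return {"complete": wc.all_visas_present("0001"), "tampered_rejected": tampered is None,
            "visas_verify": verify_secondary_part(se, "0001", hw),
            "forged_fails": verify_secondary_part([forged], "0001", hw)}
```

Two properties of the page's design show up in the demo: a party presenting a hash of a different core part gets no visa at all (step 168/190), and because the Th bundle binds the visa date, a bundle carried in Se with an altered date no longer verifies against the transaction's Kq even though the signature itself is untouched.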

The particular embodiment of the process object of the present invention as illustrated in FIGS. 1 and 2 is implemented by a De equipment device, for instance a micro-computer (for example, PC compatible) or any programmable device able to run the various processes of the Di device object of the invention, and equipped with:

-   an operating system able to run the various processes of the Di device,
-   a device for accessing a WAN, managed by the operating system (e.g. modem, LAN/WAN card), and
-   the following peripherals, managed by the operating system:
    -   a. either a reader of a non-modifiable authentication support Sa (for example: CD-ROM), or
    -   b. a reader of an authentication support Sa allowing the remote modification of a memory area (e.g. dongle, smart card, . . . ).

Equipment devices De are specifically dedicated to each of the four “entities” of the Di device:

-   a. the author and creator of the work, “the Au author user”,
-   b. the user of the work, “the Fu future user”,
-   c. the Wc conditioned works controller, and
-   d. the Dc device controller.

In a first application, the De equipment device is a micro-computer (for example a PC compatible one) with a CD-ROM drive and a modem; the authentication support Sa is a CD-ROM; the operating system is Linux with a 2.2 kernel.

Within this application, the Ha hash algorithm and the encryption algorithms using an Ac/Ak public key, which are referred to in the present description, are SHA (acronym for “Secure Hash Algorithm”) for the Ha algorithm and RSA (acronym for “Rivest, Shamir and Adleman”) for the Ac and Ak algorithms.

According to a variant of the first two applications, the Ha hash algorithm is MD5 (acronym of “Message Digest 5”).

According to a variant of the first two applications, the encryption algorithm Ac/Ak using a public key is DH (acronym of “Diffie-Hellman”).

According to a variant of the first two applications, the encryption algorithm Ac/Ak using a public key is DSA (acronym of “Digital Signature Algorithm”).

The description of FIGS. 1 and 2 refers to a “PC compatible” micro-computer with a Linux operating system, but also applies to any programmable equipment running an operating system able to run the various processes of the Di device, and particularly to a micro or mini computer with a standard configuration (processor, mother board, controller cards of the standard peripherals and standard peripherals: keyboard, display, storage peripheral) with an operating system able to run the various processes of the present device.

The description of FIGS. 1 and 2 refers to the SHA and MD5 Ha hash algorithms, but also applies to any algorithm resulting in the contraction of an initial element, such that the initial element cannot be recovered from the hash value and the smallest variation of the initial element modifies the hash value.

The description of FIGS. 1 and 2 refers to the Ac public key encryption algorithms DH and DSA, but also applies to any algorithm resulting in the encryption of a message by a private key and its deciphering by a public key, such that deriving the private key from the public key is made as complex as possible.

One notices, in FIG. 3, a second embodiment of a typical application of the invention including:

-   a step 300 of the user subscribing to a data conditioning service,
-   a step 302 of purchase of user rights, called “stamps”, by said user from the data conditioning service, the number of stamps owned by said user being kept by a remote IT system accessible from the IT system of the author user via the internet,
-   a step 304 of data creation, for instance using word processing software, a spreadsheet or CAD software,
-   while the document containing the data to be protected is open, a step 306 of selecting the conditioning functions offered by the implementation of the present invention, in which the user right-clicks his pointing device, a mouse for instance, views the contextual menu mentioning a reference to the data conditioning object of the present invention, and selects the conditioning function,
-   a step 308 of setting up the conditioning, in which the user may select the usage conditions of the data:
    -   a. at least one future user is authorized to access the data, in read only mode or in edit mode,
    -   b. at least one future user is authorized to access the data in read and write mode,
    -   c. or a time limit on the access rights, for instance by selecting a predetermined time span, e.g. two weeks, or by selecting an expiration date for the data, and
    -   d. authentication conditions for each recipient future user, for instance a password, a digital certificate or a digital signature,
-   a step 310 of assignment, in the IT system of an author user, of attributes referred to as “digital conditioning” of said data, attributes corresponding to at least one predetermined event that is liable to affect said data in the course of their future use, including identifiers of future users authorized to be exposed to said data (“recipients”), identifiers of future users signatories of said data, the access conditions (personal code, digital signature, for instance) and conditions of use of said data (right to copy, download or modify the data, for instance) and, if applicable, an identification of the author of the data,
-   a step 312 of attribution, in the IT system of an author user, of information that guarantees the integrity of said data, a hash value for instance, as shown in FIGS. 1 and 2,
-   a step 314 of data encryption,
-   a step 315 of setting up a file called “envelope”, in the IT system of an author user, the envelope carrying the data, the digital conditioning attributes affected to said data and some information that secures the integrity of said data,
-   a step 316 of storage, in a remote IT system, of the digital conditioning attributes of said data (an element enabling the deciphering of said encrypted data, for instance), of the information that secures the integrity of said data and, if applicable, of said encrypted data,
-   a step 318 of deducting a stamp from the number of stamps on the author user's account,
-   a step 320 of communicating said data, or information on the availability of said data, between the author user and a recipient future user,
-   a step 322 of connecting the recipient future user and the remote IT system to access said encrypted data (preferably, each event regarding said data can only be set, by a future user, during a connection between the IT system of said future user and the remote IT system),
-   a step 324 of verifying that the usage conditions of the data are respected by the recipient future user (right or not to edit the data, identification of the future user through the implementation of a digital certificate or of a digital signature identifying the IT system of the future user or the future user himself/herself, for instance),
-   for each event regarding said data, and particularly each access to said data and each modification of said data, a step 326 of storage, in the remote IT system and in relation with the attributes of said data, of an identifier of said event, of the date of said event and, if applicable, of an identifier of the user at the origin of the event, an internet address (“IP”) and/or an identification of the Internet Service Provider (“ISP”) of the future user,
-   when said data is modified by the recipient future user, a step 328 in which the remote IT system stores the modifications made to said data,
-   during at least one part (for instance the digital signature and/or the modification of the data) of the events affecting said data, a step 330 of transmission, to the author user, of an acknowledgement of receipt identifying the recipient future user who triggered said event (as a variation, during the transmission step 330, an identifier of at least one predetermined event, the occurrence date of each predetermined event and the identification of the future user triggering the event are transmitted to each author user and to each signatory user), and
-   at each connection between the author's IT system and the remote IT system, an update and storage step 332 of the predetermined events corresponding to the attributes of the data in the IT system of the author, so that the IT system of the author keeps track, for each event regarding said data, of the identifier of said event, the identifier of the user at the origin of the event and its date (preferably, step 332 includes a step of bundling said events that occurred with said envelope, in each IT system of each author and of each signatory user, either automatically or as soon as he connects to the remote IT system).
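The remote IT system side of the FIG. 3 flow, from the stamp account of step 302 through the usage-condition check of step 324, the event storage of step 326, the modification storage of step 328 and the author-side mirroring of step 332, as an added worked example in Python that is not part of the patent. It assumes SHA-256 for the integrity value of step 312, a recipients/editors/expiry representation of the step 308 usage conditions, an in-memory store standing in for the remote IT system, and constructed user names, addresses and dates; identification of the future user (digital certificate or signature) is reduced to a boolean supplied by the caller.

```python
import hashlib
from datetime import datetime, timedelta, timezone


class RemoteConditioningService:
    """Remote IT system of FIG. 3 (in-memory, constructed): holds each envelope's digital
    conditioning attributes, its integrity value, its event log and the author's stamps."""

    def __init__(self):
        self.envelopes = {}  # envelope id -> {"attributes", "integrity", "events"}
        self.stamps = {}     # author -> remaining stamps (steps 300, 302)

    def subscribe(self, author: str, stamps: int) -> None:
        self.stamps[author] = stamps

    def store_envelope(self, author: str, envelope_id: str, data: bytes, attributes: dict) -> bool:
        """Steps 312, 316, 318: integrity value, storage of the attributes, one stamp deducted."""
        if self.stamps.get(author, 0) < 1:
            return False
        self.stamps[author] -= 1
        self.envelopes[envelope_id] = {"attributes": dict(attributes),
                                       "integrity": hashlib.sha256(data).hexdigest(),
                                       "events": []}
        return True

    def access(self, envelope_id: str, user: str, action: str, when: datetime, ip: str,
               credential_ok: bool, new_data: bytes = None) -> bool:
        """Step 324: check the usage conditions; step 326: log the event, allowed or refused;
        step 328: an allowed edit is stored as a modification next to, not in place of, the data."""
        env = self.envelopes[envelope_id]
        attrs = env["attributes"]
        allowed = (credential_ok and user in attrs["recipients"] and when <= attrs["expires"]
                   and (action == "read" or (action == "edit" and user in attrs["editors"])))
        event = {"event": action if allowed else "refused:" + action,
                 "user": user, "date": when.isoformat(), "ip": ip}
        if allowed and action == "edit" and new_data is not None:
            event["modification"] = hashlib.sha256(new_data).hexdigest()
        env["events"].append(event)
        return allowed

    def events_since(self, envelope_id: str, already_seen: int) -> list:
        """Step 332: on each connection the author fetches the events not yet mirrored."""
        return self.envelopes[envelope_id]["events"][already_seen:]


class AuthorSystem:
    """The author user's IT system: keeps its own copy of the event trail (step 332)."""

    def __init__(self):
        self.trail = {}  # envelope id -> list of events

    def sync(self, service: RemoteConditioningService, envelope_id: str) -> int:
        seen = self.trail.setdefault(envelope_id, [])
        seen.extend(service.events_since(envelope_id, len(seen)))
        return len(seen)


def demo() -> dict:
    svc = RemoteConditioningService()
    svc.subscribe("author", stamps=2)
    t0 = datetime(2024, 1, 1, tzinfo=timezone.utc)
    attrs = {"recipients": ["bob", "carol"], "editors": ["bob"],  # steps 308/310 (constructed)
             "expires": t0 + timedelta(weeks=2)}
    stored = svc.store_envelope("author", "env-1", b"original data", attrs)
    day1 = t0 + timedelta(days=1)
    bob_edit = svc.access("env-1", "bob", "edit", day1, "192.0.2.10", True, b"edited data")
    carol_edit = svc.access("env-1", "carol", "edit", day1, "192.0.2.11", True)  # read only
    outsider = svc.access("env-1", "mallory", "read", day1, "192.0.2.12", True)  # not a recipient
    expired = svc.access("env-1", "carol", "read", t0 + timedelta(weeks=3), "192.0.2.11", True)
    author = AuthorSystem()
    mirrored = author.sync(svc, "env-1")
    env = svc.envelopes["env-1"]
    return {"stored": stored, "stamps_left": svc.stamps["author"], "bob_edit": bob_edit,
            "carol_edit": carol_edit, "outsider": outsider, "expired": expired,
            "events_mirrored": mirrored,
            "modification_logged": "modification" in env["events"][0],
            "original_intact": env["integrity"] == hashlib.sha256(b"original data").hexdigest()}
```

Refused accesses are logged as events too, so the author's mirror of step 332 also records attempts that violated the conditions, and the original integrity value is never overwritten by an edit, which is what the page means by modifications being stored without cancelling or replacing the initial data.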

One notices that the data within the envelopes is modifiable only under the following circumstances:

-   the data within the envelope is impossible to forge; and
-   the events resulting in the modification of the data inside the envelope are stored, but they neither cancel nor replace the initial data provided by its author.

According to variants, each access to data deducts one “stamp” from the user's account.

Each step of FIG. 3 is explained with the description of FIGS. 1 and 2.

1. A process for protecting data, characterized by: a step of assigning (310), in the IT system of an author user, attributes referred to as “digital conditioning” of said data, attributes corresponding to at least one predetermined event that is liable to affect said data in the course of their future use; a step of attributing (312), in the IT system of an author user, information that secures the integrity of said data; a step of setting up a file called “envelope” (315), in the IT system of an author user, the envelope carrying the data, the digital conditioning attributes affected to said data and information that secures the integrity of said data; a step of storing (316), in a remote IT system, the digital conditioning attributes affected to said data and the information that secures the integrity of said data; for each predetermined event related to said data, a step of storage (326), in the remote IT system and in relation with the attributes of said data, of an identifier of said event and of the date of said event; and, at each connection between the author's IT system and the remote IT system, a step of storing (332) the predetermined events corresponding to the attributes of the data in the IT system of the author, so that the IT system of the author keeps track, for each event regarding said data, of the identifier of said event, the identifier of the user at the origin of the event and the date of said event.

2. A process according to claim 1, characterized in that, during the attribution of digital conditioning attributes, the attributes of said data include an identifier of the author of the data.

3. A process according to claim 1, characterized in that, during the attribution of digital conditioning attributes, the attributes of said data include an identifier for each future user, signatory or recipient, of said data.

4. A process according to claim 1, characterized in that each event regarding said data can only be set, by a future user, during a connection between the IT system of said future user and the remote IT system.

5. A process according to claim 1, characterized in that, during the step of storing the event identifier (326) in the remote IT system, the remote IT system also stores an identifier of the user at the origin of said event.

6. A process according to claim 1, characterized in that it includes a step of determining the usage conditions of said data, by the IT system of an author user, and, upon each access query to said data, a step of checking that the usage conditions of the data are met.

7. A process according to claim 6, characterized in that the usage conditions include identification conditions of the future user.

8. A process according to claim 7, characterized in that the identification conditions of the user include, at least, the implementation of a digital certificate identifying the IT system of the future user.

9. A process according to claim 7, characterized in that the identification conditions of the user include, at least, the implementation of a digital signature identifying the IT system of the future user.

10. A process according to claim 6, characterized in that the usage conditions of the user include or not a right to edit said data.

11. A process according to claim 1, characterized in that, during at least one part, for instance the digital signature, of the events affecting said data, a transmission step (330), to the author user, of an acknowledgement of receipt identifying the recipient future user who triggered said event.

12. A process according to claim 1, characterized in that, when, during a predetermined event, said data is modified by the recipient future user, the remote IT system goes through the step of storing the modifications made to said data (328).

13. A process according to claim 1, characterized in that the digital conditioning attributes determine which future users will be authorised to sign the data.

14. A process according to claim 1, characterized in that, for at least one predetermined event, the digital conditioning attributes allocated during the step of attributing data attributes represent a usage condition of said data.
 15. A process according to claim 1,characterized in that the process includes a step of transmitting, toeach author user and to each signatory user, an identifier of at leastone predetermined event, the date of each predetermined event and theidentification of the future user triggering the event (330).
 16. Aprocess according to claim 15, characterized in that also, a step ofbundling said events with said envelope, in each IT system of eachauthor and of each signatory user.
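The flow claimed above (envelope with conditioning attributes and an integrity value, remote storage of attributes and events, usage-condition checks before an event is accepted, acknowledgement back to the author, and event synchronisation at each connection), as an added illustration that is not the patent's own implementation; the HMAC-based integrity tag, the in-memory RemoteSystem class, the event names and the sample users are all constructed assumptions.

```python
import hashlib
import hmac
import json
from datetime import datetime, timezone

# Constructed demo secret shared by the author's system and the remote system (assumption;
# the patent does not specify how the integrity information is produced).
INTEGRITY_KEY = b"constructed-demo-key"

def _canonical(data, attrs):
    return json.dumps({"data": data, "attrs": attrs}, sort_keys=True).encode()

def make_envelope(author, data, signatories, recipients):
    """Steps 310/312/315: attributes naming the author, signatories and recipients, plus an integrity tag."""
    attrs = {"author": author, "signatories": sorted(signatories), "recipients": sorted(recipients)}
    tag = hmac.new(INTEGRITY_KEY, _canonical(data, attrs), hashlib.sha256).hexdigest()
    return {"data": data, "attrs": attrs, "integrity": tag}

def verify_integrity(env):
    expected = hmac.new(INTEGRITY_KEY, _canonical(env["data"], env["attrs"]), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, env["integrity"])

class RemoteSystem:
    """Constructed stand-in for the remote IT system: holds attributes/integrity (316) and the event log (326)."""
    def __init__(self):
        self.registry = {}   # envelope id -> stored attributes and integrity value
        self.events = {}     # envelope id -> list of {event, user, date}

    def register(self, env_id, env):
        self.registry[env_id] = {"attrs": env["attrs"], "integrity": env["integrity"]}
        self.events[env_id] = []

    def record_event(self, env_id, user, event, env, when=None):
        """Events are only set during a connection; usage conditions (claims 6, 13) are checked first.
        Returns the stored record, which doubles as the acknowledgement of receipt (330), or None if refused."""
        rec = self.registry[env_id]
        # Refuse if the presented envelope no longer matches the registered integrity value.
        if not hmac.compare_digest(rec["integrity"], env["integrity"]) or not verify_integrity(env):
            return None
        attrs = rec["attrs"]
        allowed = attrs["signatories"] if event == "sign" else attrs["signatories"] + attrs["recipients"]
        if user not in allowed:
            return None
        entry = {"event": event, "user": user,
                 "date": (when or datetime.now(timezone.utc)).isoformat()}
        self.events[env_id].append(entry)
        return entry

    def sync(self, env_id):
        """Step 332: at each connection the author's system copies the event identifiers, users and dates."""
        return list(self.events[env_id])
```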